Getting Starting with Virtualization Security

The Virtualization Security Podcast on 11/2 was quite a change from our normal podcast. Instead of featuring a vendor as a guest panelist, Gurusimran S Khalsa (known as GS) joined us. Our topic was getting started with virtualization security with a real world twist.

GS told us his story on how he got started with virtualization security which was in response to a series of breaches within the physical environment of his organization. This is normally when people start to get serious about virtualization security. But, this cautionary tale was tempered, with the knowledge that the virtual environment was not breached in any way but still, it was at risk. So the decision was made to improve the overall security, funds were allocated, and GS was sent out to determine what to buy.

In this podcast GS goes through his decision process and limited time scope to get everything. He freely admits he needed more time but, like everyone else, just did not have it. In the end he decided on a combination of products: HyTrust and Altor Networks. Why these?

HyTrust provides auditing and ability to manage authentication and authorization.

Altor Networks appliance provides insight into the virtual environment and defense in depth

This was not the end of GS’ virtualization security journey but yet, just the beginning. He often listens to the podcast, reads the recommended blogs, and books (Top Virtualization Security Links). In essence, it is a continual learning process.

For GS’ organization Auditing was a very important first step. So the rest of the panelists ran with this, raising our questions, and answering them with an eye towards getting started with virtualization security. We will have GS back on the podcast once he is near the end of the journey, to see what else he implemented within the environment.

Share this Article:

Edward L. Haletky aka Texiwill is an analyst, author, architect, technologist, and out of the box thinker. As an analyst, Edward looks at all things IoT, Big Data, Cloud, Security, and DevOps. As an architect, Edward creates peer-reviewed reference architectures for hybrid cloud, cloud native applications, and many other aspects of the modern business. As an author he has written about virtualization and security. As a technologist, Edward creates code prototypes for parts of those architectures. Edward is solving today's problems in an implementable fashion.